Microsoft Outlook Remote Code Execution Vulnerability

Microsoft Office Remote Code Execution Vulnerability

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Media Encoder versions 24.2.1, 23.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Azure Data Studio Elevation of Privilege Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent. This is possible because the application is vulnerable to Local File Read via chat attachments.

Internet Shortcut Files Security Feature Bypass Vulnerability

Windows SmartScreen Security Feature Bypass Vulnerability

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks that perform arbitrary actions on an affected device. Note: "Cisco Expressway Series" refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices. For more information about these vulnerabilities, see the Details ["#details"] section of this advisory.